Recently, a network engineer captured and listened to sensitive phone calls made to the FBI and the secret service…
…And he used a simple loophole within Google’s place listings to make it happen, without anybody knowing.
Google has known about this loophole for at least four years, and done nothing about it.
Brian Seely recently played recordings that citizens and police officers were having with FBI and secret service personnel.
The callers found the numbers for the FBI and the secret service by looking them up on Google places. But they didn’t realise that Brian had set up fake listings displaying numbers that he owned himself.
He then forwarded the calls to the actual offices and recorded the entire thing.
Brian had this to say:
“Who is gonna think twice about what Google publishes on their maps? Everyone trusts Google implicitly and it’s completely unwarranted and it’s completely unsafe. I could make a duplicate of the White House and take every inbound phone call from the White House. I could do it for every Senator, every Congressman, every mayor, every governor—every Democratic, every Republican candidate. Every office.”
He had reported this loophole to Google, but after being repeatedly ignored, he decided to take matters into his own hands.
After recording the calls, he walked into a secret service office to show them. Whilst there, he actually intercepted a call that was being made from a police officer to the secret service, regarding an ongoing investigation.
That got their attention.
He was then read his Miranda rights and interrogated in an interview room. The agent in charge at the special services office referred to Brian as a “hero” for bringing this loophole to their attention.
Now, Google have said they are looking into the matter, and Mr Leary; a spokesman for the secret service gave this statement:
“The incident in question involves an individual posting their own phone number as a Secret Service field office phone number on Google Maps. When unsuspecting citizens utilize this incorrect third party phone number to contact the Secret Service the call is directed through the third party system and recorded. This is not a vulnerability or compromise of our phone system. Virtually any phone number that appears on a crowdsourcing platform could be manipulated in this way.
This incident will be investigated thoroughly and appropriately. The Secret Service encourages the general public to visit our website at www.secretservice.gov to obtain accurate contact information for our field offices.”
The full story, as well as the actual recordings that Brian captured can be found here.